Ask stories

Recently built something where simple domain-specific heuristics crushed a fancy ML approach I assumed would win. This has me thinking about how often we reach for complex tools when simpler ones would work better. Occam's razor moments.

Anyone have similar stories? Curious about cases where knowing your domain beat throwing compute at the problem.

Hello HN! I am putting together a community-maintained directory of personal websites at https://hnpwd.github.io/. More details about the project can be found in the README at https://github.com/hnpwd/hnpwd#readme.

As you can see, the directory currently has only a handful of entries. I need your help to grow it. If you have a personal website, I would be glad if you shared it here. If your website is hosted on a web space where you have full control over its design and content, and if it has been well received in past HN discussions, I might add it to the directory. Just drop a link in the comments. Please let me know if you do not want your website to be included in the directory.

Also, I intend this to be a community maintained resource, so if you would like to join the GitHub project as a maintainer, please let me know either here or via the IRC link in the README.

By the way, see also 'Ask HN: Could you share your personal blog here?' - https://news.ycombinator.com/item?id=36575081 - July 2023 - (1014 points, 1940 comments). In this post, the scope is not restricted to blogs though. Any personal website is welcome, whether it is a blog, digital garden, personal wiki or something else entirely.

UPDATE: It is going to take a while to go through all the submissions and add them. If you'd like to help with the process, please send a PR directly to this project: https://github.com/hnpwd/hnpwd.

Considering there is very little moat left in software and big companies can copy your product in no time?

Curious to hear arguments for and against this (compared to native) along with examples. Apps where the core functionality is camera-based.

I left my job that I got straight out of college few months ago. Why? The main reason was I had conflict with teammate in standup meeting. Used foul words. I later apologized in front of my entire teammates and settled it down. But still I resigned later on because I felt being let go. For example: My department was changed and later I was deemed unfit for that department as I could not learn “what they wanted” in two weeks. So my manager (first department) would tell me “Since you are unfit for this role, how do we take you back?” He did take us back but promoted juniors and kept me in the first level support.

To be honest I did not like that job due to the following reasons (since the start)

The work was menial.

The pay was horrible.

The blame was most because we were the lowest hanging fruits in entire company.

I wanted to prepare for government computer engineer job.

I could not see myself in that role for long.

But the reality was I could not get crack any other private sector jobs in those two plus years. I landed couple of interviews but could not get through interviews. That was when I decided government would be a better fit for my nature.

If I keep the gap visible in my resume, I will receive many questions(I might not be screened at all to be honest).

Why could not you seek a different job instead while having your existing job?

Why could not you seek a different department in your previous company itself?

I was preparing for government job since I left my job.

So I am looking for ideas to cover that gap.

Browsing for an obscure piece of electronics, I ran across a Poshmark listing that had it for considerably cheaper than anywhere else.

I didn't have an account yet, so I signed up with Google SSO and was able to place the order.

About an hour later I got an email as if I was the seller telling me to click this link to verify my account for my funds to be deposited.

Obviously phishing. Upon closer inspection, I had two earlier that were properly filtered to spam that were about 30 minutes after the order.

So the question here is what part of their system is so fundamentally broken that scammers instantly get my email? Does the seller get that upon me making that purchase?

And if that's not the case, then that means somebody has completely compromised their system.

I was doubting the potential of LLMs to produce working fullstack applications.

But now I have been proven wrong.

As a person in tech, how are you bullet proofing yourself for the post AI tools?

Besides obviously learning the new AI tooling.

I am curious how people are doing RAG locally with minimal dependencies for internal code or complex documents?

Are you using a vector database, some type of semantic search, a knowledge graph, a hypergraph?

Countless voiceless people sit alone every day and have no one to talk to, people of all ages, who don't feel that they can join any local groups. So they sit on social media all day when they're not at work or school. How can we solve this?

Doesn't matter what domain and how big or small.

I am a big fan of Claude Opus as it has been very good at understanding feature requests and generally staying consistent with my codebase (completely written from scratch using Opus).

I've noticed recently that when I am using Opus at night (Eastern US), I am seeing it go down extreme rabbit holes on the same types of requests I am putting through on a regular basis. It is more likely to undertake refactors that break the code and then iterates on those errors in a sort of spiral. A request that would normally take 3-4 minutes will turn into a 10 minute adventure before I revert the changes, call out the mistake, and try again. It will happily admit the mistake, but the pattern seems to be consistent.

I haven't performed a like for like test and that would be interesting, but has anyone else noticed the same?

I’m looking for perspectives from people who have actually built or operated long-lived enterprise software.

Context (kept intentionally generic):

We have a mature, revenue-generating enterprise application that’s been in production for years.

Semi-technical leadership (with no engineering background) is aggressively considering spinning up a new product, built using LLM-driven tools (AI code generation, rapid prototyping, etc.), with the belief that:

modern AI tooling dramatically reduces build cost, LLMs are going to improve in the future

the new system is an attempt to replicate most of what an established competitor built over ~10 years

customers can optionally migrate over time (old system remains supported)

software-only product that aims to replace all of the current application's operational complexity with a goal to make it resellable product.

early vibe coded demos created with LLM tools are a good proxy for eventual production readiness

The pitch to ownership is that this can be done much faster and cheaper than historically required, largely because “AI changes the economics of building software.”

I’m not anti-LLM — I use them daily and see real productivity gains. My concern is more structural:

LLMs seem great at accelerating scaffolding and iteration, but unclear how much they reduce:

operational complexity

data correctness issues

migration risk

long-tail customer edge cases

support and accountability costs

Demos look convincing, but they don’t surface failure modes

It feels like we’re comparing the end state of a mature competitor to the initial build cost of a greenfield system

I’m trying to sanity-check my thinking.

Questions for the community:

Have you seen LLM-first rebuilds of enterprise products succeed in practice?

Where does the “cheap and fast” narrative usually break down?

Does AI materially change the long-term cost curve, or mostly the early velocity?

If you were advising non-technical owners, what risks would you insist they explicitly acknowledge?

Is there a principled way to argue for or against this strategy without sounding like “the legacy pessimist”?

I’m especially interested in answers from:

people who have owned production systems at scale

founders who attempted full or partial rewrites

engineers who joined AI-first greenfield efforts after demos were already sold

Appreciate any real-world experiences, success stories, or cautionary tales.

I had the username @switzerland since 20.03.2006. Swiss tourism had another username since 17.10.2006. Now recently google gave my username away to swiss tourism without any notification. Their other username was fine for literally 20 years.

Worse, the app still showed my username for a long time meanwhile youtube.com/@Switzerland already showed that of swiss tourism (Schweiz Tourismus) and I was not aware of that. Hence, I lost it some months ago.

Why do I tell you? You might loose your username and you aren't even aware of it.

Background: I manage an ecommerce website. Recent bot traffic is up. Most traffic can be traced to one or two IP addresses with hundreds of requests per day. These ip addresses don't have DNS records for reverse lookup, and when I map the requests in cloudflare, one address shows up as requesting from different data centers all over the US. What is going on here? Source IP example 173 . 245 . 58 . 0

Chicago, United States (ORD)

340 requests

San Jose, United States (SJC)

330 requests

Los Angeles, United States (LAX)

310 requests

Atlanta, United States (ATL)

310 requests

Dallas-Fort Worth, United States (DFW)

290 requests

Newark, United States (EWR)

280 requests

Washington, United States (IAD)

230 requests

Miami, United States (MIA)

210 requests

Boston, United States (BOS)

140 requests

Singapore, Singapore (SIN)

130 requests

Thanks for ideas.

What are you working on? Any new ideas that you're thinking about?

Hi folks! I have huge success on a prototype of this approach:

- Store all data as json

- App loads: load full json on a client

- Something changes by user - change json locally and every 10 seconds save whole json to backend as a single json file

- also every 10 seconds load the updated json from backend to client.

Yes, I know, parallel access problems, lack of schema, lack of db, using file to store. But how much it makes life easier and speed ups development at start! I am in this over 20 years, and I like dumb stupid solutions applied properly. Duct taping forever!

It has been 120 hours (5 days) since the internet shutdown in Iran began. While international phone calls have started working again, data remains blocked.

I am looking for technical solutions to establish resilient, long-term communication channels that can bypass such shutdowns. What are the most viable options for peer-to-peer messaging, mesh networks, or satellite-based solutions that don't rely on local ISP infrastructure?

In many currently active threads, members of the community are alluding to major productivity gains with more recent LLM models. I think it would be illuminating for all of us to hear what sorts of problem domains and lines of business these successes have occurred in.

A good example would be: "My team used Claude Code Opus 4.5 to build and ship an iOS fitness app that now has 10k paying users." This shows that the results of your process found paying customers.

Less helpful example would be: "My team is closing tickets faster than ever" or "I finally finished the novel I have been working on and my friends say it's great!" These are less interesting because they do not give us any insight into the market response.

For several weeks now I've been receiving spam impersonating Gmail. It always contain link to https://storage.googleapis.com/rightsmoves/... The email looks like this:

https://imgur.com/xyXfPI8

Even Google's own Gemini knows it's a scam:

> The URL https://storage.googleapis.com/rightsmoves/ points to a specific Google Cloud Storage bucket named "rightsmoves". Based on recent security data and web scans, this particular bucket has been associated with malicious activity, specifically phishing and "traffic stealing" schemes.

I've reported it several times via Google Cloud Platform abuse form and they ignore it.

Is it Google's total incompetence? Why are they allowing scams from their own domain?

Why am I seeing this on so many sites recently (in FireFox)? I've seen it half a dozen times in the past month or so, had never noticed it before then.

"You can't use speech synthesis because the speech dispatcher library is missing"

There's a 'learn more' link, but it just talks about getting speech synthesis working in my browser. Searching for the error string returns similar discussions. I don't want to do that (especially if it's some new marketing fad). Obviously it's speech synthesis but *what is it saying?*

The most recent instance was a dell.com product page posted here on HN:

https://www.dell.com/en-us/shop/dell-ultrasharp-52-thunderbolt-hub-monitor-u5226kw/apd/210-bthw/monitors-monitor-accessories

As lots of people on HN will have visited that link I thought somebody might be able to tell me what they heard?

I’m working on a project called Injectless — a browser extension that allows websites to explicitly declare which data they are allowed to inject into external sites, fully controlled by the user.

Note: This post was translated to English using AI. My native language is Spanish.

The Problem:

Users of SaaS apps (accounting, project management, etc.) often need to repeatedly copy data into external forms (government portals, client systems, etc.). Today this is a tedious, fully manual process.

My Current Solution

A browser extension where:

- Websites expose an injectless.json declaring which fields they can fill and on which domains

- The user explicitly installs the integration (one-click opt-in)

- When visiting an allowed site, the extension offers to “paste” each field

The Doubt

A friend suggested that instead of a browser extension, this should be a native app (similar to KeePassXC or Espanso) that:

- Works in any browser without installing multiple extensions

- Pastes sequences of fields using TAB (simpler, more universal)

- Works even outside the browser

- Avoids extension permissions, CSP issues, Shadow DOM, etc.

My Concerns About a Native App

- Mobile: Browser extensions do work on mobile (Safari iOS, Firefox Android). Native apps would face heavy sandboxing restrictions

- UX: The extension popup can show exactly which fields are available for the current page. A native app would be more “blind”

- Context: The extension knows which page you’re on and can automatically validate allowed domains

The Question

What seems more valuable / practical?

A) Browser extension (current approach) — more context, mobile support, clearer UX

B) Native app like Espanso/KeePassXC — more universal, single install, simpler

C) Both — native app as a base + optional extension as a companion for better UX

Has anyone worked on something similar?

What trade-offs might I be missing?

Thanks!

I've been seeing full-on pornographic video ads for dick pills inserted into innocuous YouTube videos, like educational content.

Immediately reported to Google, over a week ago.

No response, and I've seen the ad multiple times now, on different browsers/devices.

Do actual humans review this, or does Google automate to the point everything's a bot?

Malicious ads are as old as time but this is as egregious as I've ever seen it.

I have been using Claude Code for DevOps style tasks like SSHing into servers, grepping logs, inspecting files, and querying databases

Overall it's been great. However, I find myself having to review every single command, a lot of which are repetitive. It still saves me a ton of time, but it's quickly becoming a bit tedious

I wish I could give the agent some more autonomy. Like giving it a list of pre-approved commands or actions that it is allowed to run over ssh

For example:

    OK: ls, grep, cat, tail
    Not OK: rm, mv, chmod, etc
    OK: SELECT queries
    Not OK: INSERT, DELETE, DROP, TRUNCATE

What setups have actually worked for you, and where do you draw the line between autonomy and risk?

Inspired by the post that's on the front page as I write this [1] I'm interested to hear about who's using DuckDB in production and how.

We have a tool live that uses it and I'm quite happy so I'm both looking for interesting use cases from others but also to be honest I'm reasonably sure I've just identified today that DuckDB is leaking memory quite seriously [2] so I'm curious to hear if other people have noticed this or if it's maybe something that's not as relevant to others since people might be running DuckDB pipelines in ephemeral envs like lambdas etc. where a memory leak might not matter as much.

[1] https://news.ycombinator.com/item?id=46645176

[2] https://github.com/duckdb/duckdb/issues/20569

This afternoon I posted some tips on how to present a new* programming language to HN: https://news.ycombinator.com/item?id=46608577. It occurred to me that HN has a tradition of posts called "The {name} programming language" (part of the long tradition of papers and books with such titles) and it might be fun to track them down. I tried to keep only the interesting ones:

https://news.ycombinator.com/thelang

Similarly, Show HNs of programming languages are at https://news.ycombinator.com/showlang.

These are curated lists so they're frozen in time. Maybe we can figure out how to update them.

A few famous cases:

The Go Programming Language - https://news.ycombinator.com/item?id=934142 - Nov 2009 (219 comments)

The Rust programming language - https://news.ycombinator.com/item?id=1498528 - July 2010 (44 comments)

The Julia Programming Language - https://news.ycombinator.com/item?id=3606380 - Feb 2012 (203 comments)

The Swift Programming Language - https://news.ycombinator.com/item?id=7835099 - June 2014 (926 comments)

But the obscure and esoteric ones are the most fun.

(* where 'new' might mean old, of course - https://news.ycombinator.com/item?id=23459210)

Curious what items under $100 have made your life better or any meaningful impact.

Revival of this [thread](https://news.ycombinator.com/item?id=23363396) from 6 years ago. Thought it would be fun to have new answers to this :)

Last year I bought an A2000 for my 10" homelab to experiment with LLMs. Spent months tinkering, mostly just learning how things work.

I've been wanting a tattoo, but finding artists sucks. I got a ton of inspiration pics, but every artist I found was in LA or New York.

So I built something different. Upload an image or describe what you want, it finds artists whose work matches and shows you where they are.

The A2000 ended up as the embedding server. CLIP for visual similarity, pgvector for search, trained style classifier. So far 22k artists, 175k images, 147 cities.

https://inkdex.io

I've got an email from Linkedin:

> ## colleagues from your company already solved LinkedIn puzzle games

Are you f%%n serious, Linkedin? This is a freaking spam from "Linkedin games".

The question is, how to stop it not like unsubscribe, but how to make it painful for them to do spam us?

I ran into a practical limitation while working on ML feature engineering and multi-omics data.

At some point, the problem stops being “how many rows” and becomes “how many columns”. Thousands, then tens of thousands, sometimes more.

What I observed in practice:

- Standard SQL databases usually cap out around ~1,000–1,600 columns. - Columnar formats like Parquet can handle width, but typically require Spark or Python pipelines. - OLAP engines are fast, but tend to assume relatively narrow schemas. - Feature stores often work around this by exploding data into joins or multiple tables.

At extreme width, metadata handling, query planning, and even SQL parsing become bottlenecks.

I experimented with a different approach: - no joins - no transactions - columns distributed instead of rows - SELECT as the primary operation

With this design, it’s possible to run native SQL selects on tables with hundreds of thousands to millions of columns, with predictable (sub-second) latency when accessing a subset of columns.

On a small cluster (2 servers, AMD EPYC, 128 GB RAM each), rough numbers look like: - creating a 1M-column table: ~6 minutes - inserting a single column with 1M values: ~2 seconds - selecting ~60 columns over ~5,000 rows: ~1 second

I’m curious how others here approach ultra-wide datasets. Have you seen architectures that work cleanly at this width without resorting to heavy ETL or complex joins?